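/*
 * COPYRIGHT (c) International Business Machines Corp. 2012-2017
 *
 * This program is provided under the terms of the Common Public License,
 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
 * software constitutes recipient's acceptance of CPL-1.0 terms which can be
 * found in the file LICENSE file or at
 * https://opensource.org/licenses/cpl1.0.php
 */

/*
 * OpenCryptoki ICSF token - LDAP functions
 *
 * Author: Joy Latten (jmlatten@linux.vnet.ibm.com)
 *
 * NOTE(review): the title above says "LDAP functions", but this header
 * (guard PBKDF_H) declares random-byte, AES, PBKDF, RACF-password and
 * master-key helpers. Confirm and update the title.
 *
 * This header includes nothing itself: the CK_RV / CK_BYTE / CK_ULONG types
 * and the CONFIG_PATH macro must already be defined by the including file.
 *
 * Length parameters mix `int` and CK_ULONG. Callers that convert between
 * the two should range-check first, so that a negative or oversized length
 * never reaches a buffer operation.
 */

#ifndef PBKDF_H
#define PBKDF_H

#define SALTSIZE        16  // salt is 16 bytes
#define DKEYLEN         32  // 32 bytes (256 bits) is max key size to be derived
#define PIN_SIZE        80  // same define as in pkcsconf
#define ENCRYPT_SIZE    96  // PIN_SIZE + AES_BLOCK_SIZE (for padding)

/* Built by string-literal concatenation; CONFIG_PATH must be a string literal. */
#define ICSF_CONFIG_PATH CONFIG_PATH "/icsf"
/*
 * Path of the RACF file under the ICSF config directory.
 * NOTE(review): presumably holds the protected RACF password handled by
 * secure_racf()/get_racf(); confirm, and confirm that the file is created
 * with restrictive permissions.
 */
#define RACFFILE ICSF_CONFIG_PATH "/RACF"

/*
 * Presumably fills `output` with `bytes` random bytes (implementation not
 * visible here). `output` must have room for at least `bytes` bytes, and
 * `bytes` is a signed int, so callers should pass a positive value.
 */
CK_RV get_randombytes(unsigned char *output, int bytes);

/*
 * AES-encrypt `racflen` bytes at `racfpwd` using key `dkey` and `iv`.
 * The result goes to `outbuf` and its length to `*outbuflen`.
 * The cipher mode and padding scheme are not visible in this header.
 * ENCRYPT_SIZE above implies up to one AES block of padding, so `outbuf`
 * should be sized to input length + one block (TODO confirm against the
 * implementation).
 */
CK_RV encrypt_aes(CK_BYTE *racfpwd, int racflen, CK_BYTE *dkey,
                  CK_BYTE *iv, CK_BYTE *outbuf, int *outbuflen);

/*
 * AES-decrypt `edatalen` bytes at `edata` using key `dkey` and `iv`.
 * The plaintext goes to `ddata` and its length to `*ddatalen`.
 * NOTE(review): whether the ciphertext is integrity-checked before use
 * cannot be told from this header; verify in the implementation.
 */
CK_RV decrypt_aes(CK_BYTE *edata, int edatalen, CK_BYTE *dkey,
                  CK_BYTE *iv, CK_BYTE *ddata, int *ddatalen);

/*
 * Recover the RACF password using the master key `mk` (`mklen` bytes).
 * The password is returned in `racfpwd` and its length in `*racflen`.
 * Presumably reads RACFFILE; confirm. The caller owns `racfpwd` and should
 * clear it once the password is no longer needed.
 */
CK_RV get_racf(CK_BYTE *mk, CK_ULONG mklen, CK_BYTE *racfpwd, int *racflen);

/*
 * Recover the master key from file `fname` using `pin` (`pinlen` bytes).
 * The key is returned in `masterkey` and its length in `*len`.
 * The required capacity of `masterkey` is not stated here; confirm against
 * the implementation before sizing the buffer.
 */
CK_RV get_masterkey(CK_BYTE *pin, CK_ULONG pinlen, const char *fname,
                    CK_BYTE *masterkey, int *len);

/*
 * Derive `klen` bytes of key material into `dkey` from `passwd`
 * (`passwdlen` bytes) and `salt`.
 * Presumably `salt` is SALTSIZE bytes and `klen` is at most DKEYLEN; confirm.
 * The iteration count and underlying hash are fixed in the implementation
 * and are not visible in this header.
 */
CK_RV pbkdf(CK_BYTE *passwd, CK_ULONG passwdlen, CK_BYTE *salt,
            CK_BYTE *dkey, CK_ULONG klen);

/*
 * Protect the RACF password `racfpwd` (`racflen` bytes) with the master key
 * `mk` (`mklen` bytes). Presumably encrypts it and stores the result in
 * RACFFILE; confirm.
 */
CK_RV secure_racf(CK_BYTE *racfpwd, CK_ULONG racflen, CK_BYTE *mk,
                  CK_ULONG mklen);

/*
 * Protect `masterkey` (`len` bytes) with a key derived from `pin`
 * (`pinlen` bytes) and store the result in file `fname`.
 * The derivation and storage details are presumed, not shown here.
 */
CK_RV secure_masterkey(CK_BYTE *masterkey, CK_ULONG len, CK_BYTE *pin,
                       CK_ULONG pinlen, const char *fname);

#endif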